CVE-2008-5505

critical

Description

Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.

References

https://usn.ubuntu.com/690-1/

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10443

https://exchange.xforce.ibmcloud.com/vulnerabilities/47411

https://bugzilla.mozilla.org/show_bug.cgi?id=295994

http://www.vupen.com/english/advisories/2009/0977

http://www.securitytracker.com/id?1021428

http://www.securityfocus.com/bid/32882

http://www.redhat.com/support/errata/RHSA-2008-1036.html

http://www.mozilla.org/security/announce/2008/mfsa2008-63.html

http://www.mandriva.com/security/advisories?name=MDVSA-2008:245

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

http://secunia.com/advisories/34501

http://secunia.com/advisories/33216

http://secunia.com/advisories/33203

http://secunia.com/advisories/33188

Details

Source: Mitre, NVD

Published: 2008-12-17

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.00833

Detections

Analytics